cloud security
Malware that spreads via Redis now capable of deploying ransomware
P2Pinfect now able to deploy ransomware and crypto miner payloads.
Cybersecurity
đź’€This malware campaign uses Discord emojis for C2 instructions
Camera emoji? "Take a screenshot of the victim's screen and upload it to the command channel as an attachment."
Cybersecurity
Single host saw 70,000 servers hit with Ebury backdoor
Malware operators “have established a significant presence in data centers worldwide”Â
News
Kapeka Russian malware surfaces in Europe
A new variant of the Kremlin-backed Sandworm software known as Kapeka has been found in the wild
News
International 'Duck Hunt' dismantles Qakbot network
An international law enforcement campaign has struck a lethal blow to the long-running Qakbot malware and botnet operation
malware
WinRAR zero-day used to pack in malware for targeted attacks
A months-long malware campaign was seen exploiting a zero-day flaw in WinRAR for spear-phishing attacks aimed at traders and finance professionals
News
LabRat malware said to be flying under the radar of security tools
A newly-spoted proxyjacking campaign is going above and beyond to hide itself from detection
Cybersecurity
Malvertising: Threat actors are duping downloaders using... Google Ads and SEO
Threat actors are using SEO to trick users into downloading ransomware.
malware
NSA warns over “false sense of security” on Black Lotus UEFI bootkit risk
The bootkit has been sold on underground forums since at least October 6, 2022. It has a tiny on-disk size of around 80kb, can disable HVCI, Windows Defender, BitLocker, and bypass UAC
Featured
Five Eyes kills Russia’s Snake after FSB used weak crypto
Highly sophisticated malware had been refined for over 20 years
Cybersecurity
Over 200,000 unique malware samples found in 12 weeks, amid AI threat warnings
Signature-based detection is dying hard.
Cybersecurity
GoDaddy punched in the cPanel server by hackers
Pshaw “no material adverse impact”